How is the Air Force currently protecting, certifying, and ensuring chain of custody for the IT supply chain and facility infrastructure and what industry best practices should the Air Force adopt to ensure quality, integrity, and accreditation?
Common attacks on large IT footprints starts in the form of supply chain breaches for IT devices or the supporting infrastructure for the data centers (e.g. HVAC, SCADA, etc). Components within devices can be manufactured with malicious intent or defects that can be exploited at a later date. Additionally, the DoD supply process is subject to competition leading to businesses exploiting the profit margin by selling counterfeit or remanufactured products as new.